> From: Sam Hartman <hartm...@debian.org>
> To: "Karl O. Pinc" <k...@karlpinc.com>, 1033164-d...@bugs.debian.org, Andreas
> Hasenack <andr...@canonical.com>
> Cc: Benjamin Kaduk <ka...@mit.edu>, 1033...@bugs.debian.org
> Subject: Re: Bug#1033164: krb5-doc: The documented DEFCCNAME is, probably,
> not the actual credential cache name
> Date: Mon, 20 Mar 2023 12:16:58 -0600
>
> >>>>> "Karl" == Karl O Pinc <k...@karlpinc.com> writes:
>
> Karl> On Mon, 20 Mar 2023 09:27:39 -0300
> Karl> Andreas Hasenack <andr...@canonical.com> wrote:
>
> >> The extra randomness suffix happens when you login via
> >> ssh/gssapi.
>
> Karl> That is exactly how I'm logging in, authenticating credentials
> Karl> with MS Active Directory, with configuration set in
> Karl> /etc/sssd/sssd.conf and /etc/krb5.conf -- after joining with
> Karl> the "realm" command.
>
> pam_sssd always adds randomness to the cache name.
> So, this is not an issue with krb5; pam_sssd is explicitly setting
> KRB5CCNAME environment variable.
Thanks for the help with this. Much appreciated.
Regards,
Karl <k...@karlpinc.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
